Microsoft Accidentally Leaks 'Golden Keys' That Unlock Secure Boot-Protected Windows Devices: Oops?
Microsoft accidentally leaked the "golden keys" that will allow hackers to unlock Windows-powered devices that are protected by Secure Boot, and the company is now scrambling to fix the blunder.
The Secure Boot feature is a part of Microsoft's Unified Extensible Firmware Interface (UEFI) firmware that makes sure that all components of the system boot process of a Windows device is signed and validated.
According to security researchers who go by the names Slipstream and MY123, with the keys, attackers will be able to run operating systems other than Windows on the devices such as Android or Linux.
Hackers who are also able to either acquire admin rights or physical access to devices could then also install and execute rootkits and bootkits, presenting a grave security threat for users.
Secure Boot works with several policies that are followed by the boot manager of Windows. For purposes of testing and tweaking, Microsoft has one boot policy that loads early in the process and disables the checks for operating systems. Developers can use this policy to boot other systems such as self-signed binaries.
This "golden key" policy, however, was inadvertently shipped out along with retail devices, and discovered by Slipstream and MY123. The policy was deactivated in the devices, but they were included nonetheless.
The researchers have now leaked the policy online. The policy, signed by the Windows Production PCA 2011 key of Microsoft, can be provisioned into devices as an active policy, which will disable Secure Boot.
Making matters worse is the fact that it is a universal policy, and not tied to a single device or architecture. The "golden key" can be used on both ARM and x86, on any device that uses the boot manager of Windows.
The researchers have since reported their discovery to Microsoft, initially ignoring the report around March to April and then later awarding a bug bounty a few months after. Microsoft has released security patches as an attempt to solve the problem, but so far has failed in affecting the capabilities of the "golden key."
"About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a 'secure golden key' is very bad!" wrote the researchers on an online post discussing their discovery. The rant is related to FBI's demand from Apple earlier in the year to create a backdoor to bypass the security system of the iOS, as the bureau was looking to unlock the iPhone 5c of one of the shooters in the San Bernardino tragedy last year.
The FBI said that the use of the backdoor will be limited and that it will not fall into the wrong hands, but the mere presence of such an exploit is a risk that Apple was not willing to take as the company refused to give in to the FBI's demands.
The "golden key" leak is a nightmare for Microsoft as it is now desperate to patch up its mistake. The incident, in addition, clarifies the risk that Apple projected in the creation of backdoors for systems.